127 matches found
UBUNTU-CVE-2025-54869
FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. In versions 2.6.2 and below, any application that uses FPDI to process user-supplied PDF files is at risk, causing a Denial of Service DoS vulnerability. An attacker...
CVE-2019-1010258
nanosvg library nanosvg after commit c1f6e209c16b18b46aa9f45d7e619acf42c29726 is affected by: Buffer Overflow. The impact is: Memory corruption leading to at least DoS. More severe impact vectors need more investigation. The component is: it's part of a svg processing library. function...
CLSA-2025-1739961336 libxml2: Fix of CVE-2022-49043
CVE-2022-49043: fix use-after-free vulnerability in xmlXIncludeAddNode...
Intel® VPL Software Advisory
Summary: A potential security vulnerability in some Intel® Video Processing Library VPL software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2024-21830 Description: Uncontrolled search path in...
Unspecified Vulnerability in OpenImageIO
OpenImageIO is OpenImageIO open source an image processing library . With an easy to use interface and a large number of supported image formats. OpenImageIO security vulnerability , the vulnerability stems from the component / imagebuf.cpp in the allocation of the size of the over-sized error , ...
Intel VPL 缓冲区错误漏洞
Intel VPL is a video processing library from Intel Corporation USA . A buffer error vulnerability exists in Intel VPL versions prior to 24.1.4, which originates from a memory out-of-bounds read. An attacker can exploit the vulnerability to obtain sensitive information...
Intel VPL 安全漏洞
Intel VPL is a video processing library from Intel Corporation USA . A security vulnerability exists in Intel VPL versions prior to 24.1.4, which is caused by a null pointer dereference. An attacker exploiting this vulnerability could cause a denial of service on the system...
PT-2024-41494 · Git +1 · Pcapplusplus
Name of the Vulnerable Software and Affected Versions: libpcap affected versions not specified Description: The software contains a use-of-uninitialized-value issue within the pcpp::NflogLayer::parseNextLayer and pcpp::Packet::setRawPacket functions, as reported by OSS-Fuzz. This issue occurs...
Moderate: Red Hat Security Advisory: python-pillow security update
An update for python-pillow is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
PT-2024-13631 · Intel +1 · Intel Onevpl +1
Name of the Vulnerable Software and Affected Versions: IntelR oneVPL versions prior to 23.3.5 Description: The issue is related to a NULL pointer dereference, which may allow an authenticated user to potentially enable information disclosure via local access. Recommendations: For versions prior t...
PT-2024-40733 · Pcpp · Pcpp
Name of the Vulnerable Software and Affected Versions: pcpp affected versions not specified Description: The issue is related to a crash in the pcpp library, specifically in the pcpp::IPv6Layer destructor. The crash occurs due to a segmentation fault on an unknown address. Technical details about...
OpenImageIO Security Vulnerability
OpenImageIO is OpenImageIO open source an image processing library . With an easy-to-use interface and a large number of supported image formats. OpenImageIO has a security vulnerability that stems from the presence of a heap buffer overflow that allows remote attackers to pass specially crafted...
[SECURITY] Fedora 39 Update: oneVPL-2023.3.1-1.fc39
The oneAPI Video Processing Library oneVPL provides a single video processi ng API for encode, decode, and video processing that works across a wide range of accelerators. The base package is limited to the dispatcher and samples. To use oneVPL for video processing you need to install at least on...
CVE-2023-45667 Null pointer dereference because of an uninitialized variable in stb_image
stbimage is a single file MIT licensed library for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls stbiverticalflipslices with th...
Fedora: Security Advisory for oneVPL (FEDORA-2023-b6aab4f954)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 38 Update: oneVPL-2023.3.1-1.fc38
The oneAPI Video Processing Library oneVPL provides a single video processi ng API for encode, decode, and video processing that works across a wide range of accelerators. The base package is limited to the dispatcher and samples. To use oneVPL for video processing you need to install at least on...
libvpx: crash related to VP9 encoding in libvpx
A heap-based buffer overflow flaw was found in libvpx, a library used to process VP9 video codecs data. This issue occurs when processing certain specially formatted video data via a crafted HTML page, allowing an attacker to crash or remotely execute arbitrary code in an application, such as a w...
libvpx: crash related to VP9 encoding in libvpx
A heap-based buffer overflow flaw was found in libvpx, a library used to process VP9 video codecs data. This issue occurs when processing certain specially formatted video data via a crafted HTML page, allowing an attacker to crash or remotely execute arbitrary code in an application, such as a w...
libwebp: Heap buffer overflow in WebP Codec
A heap-based buffer flaw was found in the way libwebp, a library used to process "WebP" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code in an application such as a web browser compiled with this...
Input validation
libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 or later when processing untruste...